—

MAL-2026-6086

Malicious code in ai-chat-helper (npm)

Details

--- _-= Per source details. Do not edit below this line.=-_

## Source: amazon-inspector (39a12d35a8713a8f63eaf342901214a7f53fa396b9ee8218d246e5e0db7b6318) collect.js performs system reconnaissance and exfiltration to a hardcoded attacker-controlled host. The script imports child_process, os, fs, http, and https; reads os.hostname(), os.homedir(), and inspects local filesystem paths via fs.existsSync; and POSTs the collected data to http://aab.sportsontheweb.net (line 13/line 366). The destination is an unrelated third-party domain over cleartext HTTP, with no relationship to any documented chat-helper functionality. This is the canonical credential/host-info beacon shape: child_process for command execution, os for host identity, fs for local file enumeration, and a hardcoded HTTP POST to an attacker domain.

Are you affected?

Enter the version of the package you're using.

Affected packages

npm / ai-chat-helper

No fixed version published yet for ai-chat-helper (npm). Pin to a known-safe version or switch to an alternative.

References

https://www.npmjs.com/package/ai-chat-helper/v/1.0.9 [PACKAGE]
https://www.npmjs.com/package/ai-chat-helper/v/1.0.2 [PACKAGE]
https://www.npmjs.com/package/ai-chat-helper/v/1.0.1 [PACKAGE]